SPAM Information

This page gives a short list of tips to help you avoid spam and phishing, two of the most common problems you will run into when using email or browsing the web. Spam is unsolicited bulk email, usually advertising or fraud. Phishing is a message or web page that impersonates someone you trust (your bank, OIT, the help desk) in order to trick you into handing over passwords, account numbers or other sensitive information.

Both can reach you as email in your mailbox, as web pages you visit or as viruses on your computer. About 40% of the messages that reach our mail server are spam nowadays. We drop the ones we know for certain are spam and tag the rest as '[SPAM]', but some still end up in your regular mailbox, and some of those look very "real".

We suggest the following:

No one at Duke (including the university administration, OIT and the system support staff) and no reputable company (such as your bank) will ask you by email for sensitive information such as your SSN, your home address, your login name or your password. You have probably already received messages supposedly from OIT or the help desk asking for your login and password; they are fake, every one of them.

Treat any unsolicited email with suspicion, even mail from people you know; we regularly get messages that claim to come from members of our own department. One good trick is to examine the complete message header (press Control-U inside Thunderbird to view the message source). In particular, look at the lines starting 'Received:' and 'Reply-To:'. The 'Received:' lines are added one per hop, newest at the top: the top ones were written by our own mail servers and can be trusted, while everything below the point where the message entered Duke was written by the sender and can say anything. If the message entered from a foreign address or from a site unrelated to the sender, or if the 'Reply-To:' address points to a domain other than the one in 'From:', it is probably a phishing attempt. Keep in mind that forging the 'From:' address is trivially easy and is standard practice for spammers, so a familiar sender name by itself proves nothing.
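The two header checks above, done by a script rather than by eye, as an added example that is not part of the original page. It uses only Python's standard library. The trusted domain "example.edu", the two messages and the documentation IP addresses (192.0.2.x, 198.51.100.x) are constructed for the example and do not describe any real server.

```python
import email
import re
from email.utils import parseaddr

# Domains whose mail servers we operate; Received: lines written by these
# hosts are trustworthy. "example.edu" is a stand-in, not a real Duke domain.
TRUSTED_DOMAINS = ("example.edu",)

# Matches the "from ..." clause of a Received: line, up to the "by" that names
# the server which wrote the line.
FROM_CLAUSE_RE = re.compile(r"^\s*from\s+(.*?)\s+by\s+", re.IGNORECASE | re.DOTALL)
# Hostnames such as mail.example.edu (bare IP addresses do not match).
HOSTNAME_RE = re.compile(r"\b[a-z0-9-]+(?:\.[a-z0-9-]+)*\.[a-z]{2,}\b", re.IGNORECASE)

# Constructed sample 1: a forged "help desk" message. It was injected from an
# outside host (documentation address 198.51.100.23) that claimed the name
# example.invalid, and replies are steered to that outside domain.
PHISH = """\
Received: from mail.example.edu (mail.example.edu [192.0.2.10]) by mailbox.example.edu with ESMTP; Mon, 1 Jan 2024 10:00:00 -0500
Received: from unknown (HELO example.invalid) (198.51.100.23) by mail.example.edu with SMTP; Mon, 1 Jan 2024 09:59:58 -0500
From: "Help Desk" <helpdesk@example.edu>
Reply-To: account-verify@example.invalid
To: someone@example.edu
Subject: Your mailbox quota

Reply with your login and password to keep your account active.
"""

# Constructed sample 2: a genuine internal message; every hop is one of ours.
LEGIT = """\
Received: from mail.example.edu (mail.example.edu [192.0.2.10]) by mailbox.example.edu with ESMTP; Mon, 1 Jan 2024 10:00:00 -0500
Received: from desktop.cs.example.edu (desktop.cs.example.edu [192.0.2.55]) by mail.example.edu with ESMTP; Mon, 1 Jan 2024 09:59:58 -0500
From: colleague@example.edu
To: someone@example.edu
Subject: Lunch?

Noon at the usual place?
"""


def domain_of(header_value):
    """Lowercased domain of an address header ('"Help Desk" <x@y.edu>' -> 'y.edu')."""
    _, addr = parseaddr(header_value or "")
    return addr.rpartition("@")[2].lower()


def is_trusted_host(host, trusted_domains):
    host = host.lower()
    return any(host == d or host.endswith("." + d) for d in trusted_domains)


def entry_point(received_headers, trusted_domains):
    """Walk the Received: lines top-down (newest first) and return the 'from'
    clause of the first hop that is not one of our own hosts. That is where the
    message entered our mail system; the lines below it were written by the
    sender and can be forged at will. Returns None if every hop is internal."""
    for hdr in received_headers:
        m = FROM_CLAUSE_RE.match(hdr)
        clause = m.group(1) if m else hdr
        hosts = HOSTNAME_RE.findall(clause)
        if not hosts or not all(is_trusted_host(h, trusted_domains) for h in hosts):
            return " ".join(clause.split())
    return None


def analyze(raw_message, trusted_domains=TRUSTED_DOMAINS):
    """Apply the two header checks from the text and return what was found."""
    msg = email.message_from_string(raw_message)
    from_domain = domain_of(msg.get("From"))
    reply_domain = domain_of(msg.get("Reply-To"))
    entry = entry_point(msg.get_all("Received", []), trusted_domains)
    flags = []
    if reply_domain and reply_domain != from_domain:
        flags.append("REPLY_TO_MISMATCH")
    if entry is not None and is_trusted_host(from_domain, trusted_domains):
        # Claims to be from one of our users but came in from the outside.
        flags.append("INTERNAL_FROM_EXTERNAL_ENTRY")
    return {"from": from_domain, "reply_to": reply_domain,
            "entry_point": entry, "flags": flags}


if __name__ == "__main__":
    for name, raw in (("phish", PHISH), ("legit", LEGIT)):
        print(name, analyze(raw))
```

The important design point is that only the 'Received:' lines above the entry point are trusted: everything the sending host wrote about itself (the HELO name, earlier 'Received:' lines) is just as forgeable as 'From:'. The script therefore walks from the top and stops at the first hop that is not one of our own servers.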

Don't click on links in an email message unless you are 100% certain of them. Hovering over a link shows the address it actually points to in the status bar of most email programs; if that address does not match the one shown in the message text, do not click. If you need to visit the site, type the address you see into your browser (or copy the displayed text and paste it) rather than following the link, since the visible text and the real destination can differ.

Don't configure your email reader to download and display images automatically; a remote image tells the sender that you opened the message and that your address is live. We recommend displaying all messages as plain text and turning on HTML or images per message only when needed; most email programs let you select plain text in the View menu. Thunderbird by default will not load remote images unless you click the "Show Remote Content" or "Load Images" button on each message.

Never send anything sensitive to a web site if you are not sure of its true identity, if the connection is not encrypted (the address does not start with https://) or if the URL looks odd. For example, https://www.yourbank.com.sbaco.ie/home.html and https://www.y0urbank.com/home.html are not yourbank: in the first the real site is sbaco.ie (what matters is the last part of the host name, just before the first slash, not what appears at the start), and the second swaps a zero for the letter o. Note that https:// only means the connection is encrypted; phishing sites use it too, so it is no proof that you are talking to the right site. Most importantly, NEVER send passwords via unencrypted email. If you are at all concerned about a link in an email, don't use it; go directly to the company's web site by typing its address into your browser yourself and log in from there.
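The link and address checks from the two points above (the hover-over comparison of visible text against the real destination, and the look-alike and "real site is at the end of the host name" examples), as an added example that is not part of the original page. It uses only Python's standard library. "yourbank.com" is the placeholder from the text, not a real institution, and the HTML message body is constructed for the example.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# The sites you actually bank or log in at; "yourbank.com" is the placeholder
# used in the text, not a real institution.
TRUSTED_SITES = ("yourbank.com",)

# Digits that phishers substitute for similar-looking letters.
LOOKALIKE = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})

# Constructed HTML mail body: the first link's visible text is the real bank
# address but its href goes to sbaco.ie; the second link's text is not a URL.
SAMPLE_HTML = """
<p>Your account will be suspended. Visit
<a href="https://www.yourbank.com.sbaco.ie/home.html">https://www.yourbank.com/home.html</a>
to verify your details.</p>
<p>Or use <a href="https://www.yourbank.com/home.html">our secure site</a>.</p>
"""


def host_of(url):
    return (urlsplit(url).hostname or "").lower()


def within(host, domain):
    """True if host is the domain itself or a subdomain of it."""
    return host == domain or host.endswith("." + domain)


def check_url(url, trusted_sites=TRUSTED_SITES):
    """Return a list of problems with a URL a message asks you to visit."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    issues = []
    if parts.scheme != "https":
        issues.append("NOT_HTTPS")  # necessary, but not sufficient, for a real site
    if not any(within(host, d) for d in trusted_sites):
        if any(within(host.translate(LOOKALIKE), d) for d in trusted_sites):
            issues.append("LOOKALIKE_HOST")         # e.g. www.y0urbank.com
        elif any("." + d + "." in "." + host for d in trusted_sites):
            issues.append("TRUSTED_NAME_EMBEDDED")  # e.g. www.yourbank.com.sbaco.ie
        else:
            issues.append("UNTRUSTED_HOST")
    return issues


class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> in an HTML mail body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def mismatched_links(html):
    """Links whose visible text is a URL on a different host than the href,
    which is exactly what the hover-over check in the text is meant to catch."""
    collector = LinkCollector()
    collector.feed(html)
    return [(text, href) for href, text in collector.links
            if text.lower().startswith(("http://", "https://"))
            and host_of(text) != host_of(href)]


if __name__ == "__main__":
    for u in ("https://www.yourbank.com/home.html",
              "https://www.yourbank.com.sbaco.ie/home.html",
              "https://www.y0urbank.com/home.html",
              "http://www.yourbank.com/home.html"):
        print(u, check_url(u))
    print(mismatched_links(SAMPLE_HTML))
```

The host comparison deliberately matches on the end of the host name (the domain itself or a subdomain of it), which is why www.yourbank.com.sbaco.ie is rejected even though it starts with the bank's name. The digit-for-letter table is a small heuristic for the y0urbank style of trick; it will not catch every look-alike, so it supplements rather than replaces typing the address yourself.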

We recommend (especially for Windows users) using the NoScript and/or Flashblock extensions with your Firefox browser. They make browsing a bit less convenient, but they do protect you from certain attacks delivered through web pages, since many browser exploits and drive-by downloads depend on JavaScript or Flash to run. They are no substitute for the checks above, though: a phishing page is usually just a plain web form and needs no JavaScript at all. It is also a good idea to clear the browser cache and history after visiting any secure site (such as your bank).

Don't surf to sites blindly just because you saw them mentioned on some dubious web site or blog. Think before you surf.

Keep your home and laptop Windows systems patched and your virus scanner up to date.

Check out the following web sites when you have time for some fun reading:

http://www.ftc.gov/spam/

http://en.wikipedia.org/wiki/Phishing

http://www.snopes.com/computer/virus/virus.asp

Finally, if something sounds too good to be true, then it probably is. Feel free to check with us if you are unsure.